View Javadoc
1   /*
2    * Copyright 2006-2011 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5    * the License. You may obtain a copy of the License at
6    *
7    * https://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10   * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11   * specific language governing permissions and limitations under the License.
12   */
13  
14  package org.springframework.security.oauth2.provider;
15  
16  import java.util.Map;
17  
18  /**
19   * Strategy for managing OAuth2 requests: {@link AuthorizationRequest}, {@link TokenRequest}, {@link OAuth2Request}.
20   * 
21   * @author Dave Syer
22   * @author Amanda Anganes
23   * 
24   */
25  public interface OAuth2RequestFactory {
26  
27  	/**
28  	 * Create a new {@link AuthorizationRequest} extracting all the needed information from the incoming parameter map,
29  	 * and initializing all individual fields on the {@link AuthorizationRequest} to reasonable values. When a class
30  	 * uses the factory to create an {@link AuthorizationRequest}, it should not need to access the parameter map
31  	 * directly afterwards.
32  	 * 
33  	 * Typical implementations would initialize the individual fields on the {@link AuthorizationRequest} with the
34  	 * values requested in the original parameter map. It may also load the client details from the client id provided
35  	 * and validate the grant type and scopes, populating any fields in the request that are known only to the
36  	 * authorization server.
37  	 * 
38  	 * @param authorizationParameters the parameters in the request
39  	 * @return a new AuthorizationRequest
40  	 */
41  	AuthorizationRequest createAuthorizationRequest(Map<String, String> authorizationParameters);
42  
43  	/**
44  	 * Create a new {@link OAuth2Request} by extracting the needed information from the current
45  	 * {@link AuthorizationRequest} object.
46  	 * 
47  	 * @param request the request to be converted
48  	 * @return an immutable object for storage
49  	 */
50  	OAuth2Request createOAuth2Request(AuthorizationRequest request);
51  
52  	/**
53  	 * Create a new {@link OAuth2Request} by extracting the needed information from the current {@link TokenRequest}
54  	 * object.
55  	 * @param client TODO
56  	 * @param tokenRequest the request to be converted
57  	 * 
58  	 * @return am immutable object for storage
59  	 */
60  	OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest);
61  
62  	/**
63  	 * Create a new {@link TokenRequest} by extracting the needed information from the incoming request parameter map.
64  	 * 
65  	 * @param requestParameters the parameters in the request
66  	 * @param authenticatedClient the client that authenticated during the token request
67  	 * @return a new TokenRequest
68  	 */
69  	TokenRequest createTokenRequest(Map<String, String> requestParameters, ClientDetails authenticatedClient);
70  
71  	/**
72  	 * Create a new {@link TokenRequest} from an {@link AuthorizationRequest}. Principally used by the
73  	 * AuthorizationEndpoint during the implicit flow.
74  	 * 
75  	 * @param authorizationRequest the incoming request
76  	 * @param grantType the grant type for the token request
77  	 * @return a new token request
78  	 */
79  	TokenRequest createTokenRequest(AuthorizationRequest authorizationRequest, String grantType);
80  
81  }